building-adversary-infrastructure-tracking-system

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt's example code and instantiation show API keys passed directly into request headers and into the tracker constructor (e.g., "YOUR_ST_KEY"), which encourages embedding secret values verbatim in generated code/requests and therefore creates exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's code and SKILL.md explicitly query open public sources (e.g., SecurityTrails endpoints in SKILL.md and scripts, crt.sh, URLhaus, and ThreatFox in scripts/agent.py) and then parse and pivot on those external responses to discover new domains/IPs and drive further lookups, so untrusted third-party content is read and used to determine follow-up actions.